CVE-2023-25832

Summary

There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.0 and below that may allow an attacker to trick an authorized user into executing unwanted actions.

Affected Software

VendorProductVersion RangeStatus
EsriPortal for ArcGISAll <= 11.0affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References